Windows Tips; What cndrive.exe Is?

Hello everybody, very long times thecybergal has no ideas to post something useful for you. Now, I will try to give some information about something like Trojan which called cndrive.exe. The name of cndrive.exe is given by SmadAv antivirus. It did bad things like cutting your internet connection. Here’s the simple descriptions about cndrive.exe:

1. Category: backdoor Trojan, network aware worm.
2. Process name: cndrive32.exe.
3. File location: %systemroot%\cndrive32.exe.
4. Size: 339,968 bytes.
5. Registry Activity:
*[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] > Microsoft Driver Setup = "%Windir%\cndrive32.exe". *[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] > Microsoft Driver Setup = "%Windir%\cndrive32.exe".

That’s all brief descriptions about cndrive32.exe. If your AntiVirus program can easily remove the Trojan, I think you got some good protection. But if you felt disturbed about this Trojan and your AntiVirus seems not good, you may manually block this Trojan process. Do these steps:

1. Run, and type "gpedit.msc". Go to User Configuration > Administrative Templates > System and double click Don’t run specified Windows applications.
2. Set to Enabled, click Show button next to List of disallowed applications. Click Add button and enter the name (cndrive32.exe).
   
   
   
   cndrive32.exe by thecybergal
   
3. If there are other programs that you suspect, just enter the name of the program such as the steps above.

Ok, buddy. That’s all a bit of Windows tips today. I hope you get something useful by reading thecybergal. See you on the next Windows tips. Not only cndrive32.exe of course.

Adapted from the letter of:

1. Ahmad Syahruddin (asm2000@yahoo.com)
2. Motta Gare (mottagare@yahoo.com)